Hackers managed to find a security hole in the cooperation του Google Pay με την online τράπεζα PayPal και το χρησιμοποιούν για να αγοράζουν προϊόντα επιβαρύνοντας μη εξουσιοδοτημένους λογαριασμούς της internet banking.
Since last Friday, some users have reported seeing mysterious transactions appear in their PayPal transaction history, originating from account on Google Pay.
These problems have been reported on many websites, such as PayPal forums [1, 2, 3, 4, 5, 6, 7], on Reddit [1, 2], on Twitter, [1, 2], and on the Google Pay support forums in Germany and Russia [1, 2, 3, 4, 5, 6, 7, 8, 9, 10].
The victims report that hackers use Google Pay accounts to buy products with linked PayPal accounts. According to the screenshots above, most of the transactions were made from online stores in the United States and especially from Target stores.
Most of the victims appear to be German users.
The estimated losses amount to tens of thousands of euros, based on the above publications, since some transactions exceed 1.000 euros.
At the moment, PayPal is not aware of the security loophole exploited by hackers, but as he told ZDNet, they are reportedly investigating the matter.
"The security of our customers' accounts is top notch priority for the company. We are reviewing and evaluating all information and will take the appropriate measures we deem necessary to further protect our customers."